Tester for å verifisere at ugyldig dato gir http 400

Watercolours · Watercolours · commit 972a55b9747e · 2025-04-09T09:25:03.000+02:00
diff --git a/app/main/api/Routes.kt b/app/main/api/Routes.kt
@@ -17,26 +17,26 @@ import api.util.Consumers.getConsumerTag
 import api.util.httpCallCounter
 import api.util.httpFailedCallCounter
 import api.util.sporingsloggFailCounter
-import io.ktor.http.*
-import io.ktor.server.application.*
-import io.ktor.server.auth.*
-import io.ktor.server.plugins.callid.*
-import io.ktor.server.request.*
-import io.ktor.server.response.*
-import io.ktor.server.routing.*
+import io.ktor.http.HttpStatusCode
+import io.ktor.server.application.ApplicationCall
+import io.ktor.server.auth.authenticate
+import io.ktor.server.plugins.callid.callId
+import io.ktor.server.request.header
+import io.ktor.server.request.path
+import io.ktor.server.request.receive
+import io.ktor.server.response.respond
+import io.ktor.server.routing.Route
+import io.ktor.server.routing.post
+import io.ktor.server.routing.route
 import io.micrometer.prometheusmetrics.PrometheusMeterRegistry
-import no.nav.aap.arenaoppslag.kontrakt.ekstern.EksternVedtakRequest
-import org.slf4j.LoggerFactory
-import java.text.DateFormat
 import java.time.LocalDate
-import java.time.LocalDateTime
-import java.time.ZoneId
 import java.time.format.DateTimeFormatter
 import java.time.format.DateTimeFormatterBuilder
 import java.time.format.DateTimeParseException
-import java.util.*
+import java.util.UUID
+import no.nav.aap.arenaoppslag.kontrakt.ekstern.EksternVedtakRequest
+import org.slf4j.LoggerFactory
 
-private val secureLog = LoggerFactory.getLogger("secureLog")
 private val logger = LoggerFactory.getLogger("App")
 
 fun Route.api(
diff --git a/app/main/api/util/ErrorHandling.kt b/app/main/api/util/ErrorHandling.kt
@@ -2,13 +2,12 @@ package api.util
 
 import api.auth.SamtykkeIkkeGittException
 import api.sporingslogg.SporingsloggException
-import io.ktor.http.*
-import io.ktor.server.plugins.*
-import io.ktor.server.plugins.statuspages.*
-import io.ktor.server.request.*
+import io.ktor.http.HttpStatusCode
+import io.ktor.server.plugins.BadRequestException
+import io.ktor.server.plugins.statuspages.StatusPagesConfig
 import io.ktor.server.request.ContentTransformationException
-import io.ktor.server.response.*
-import io.ktor.util.*
+import io.ktor.server.request.path
+import io.ktor.server.response.respond
 import io.micrometer.prometheusmetrics.PrometheusMeterRegistry
 import no.nav.aap.komponenter.httpklient.httpclient.error.ManglerTilgangException
 import org.slf4j.Logger
@@ -17,13 +16,10 @@ data class FeilRespons(
     val melding: String,
 )
 
-fun Throwable.findRootCause(): Throwable {
-    var current: Throwable = this
-    while (current.cause != null && current.cause != current) {
-        current = current.cause!!
-    }
-    return current
-}
+private fun Throwable.findRootCause(): Throwable =
+    generateSequence(this) { it.cause }
+        .takeWhile { it.cause != it }
+        .last()
 
 fun StatusPagesConfig.feilhåndtering(
     logger: Logger,
@@ -57,7 +53,6 @@ fun StatusPagesConfig.feilhåndtering(
                 call.respond(HttpStatusCode.BadRequest, "${rootCause.message}")
             }
 
-
             is IllegalArgumentException -> {
                 logger.warn("Feil i mottatte data", cause)
                 call.respond(HttpStatusCode.BadRequest, "Feil i mottatte data")
diff --git a/app/test/AfpOffentligServerTest.kt b/app/test/AfpOffentligServerTest.kt
@@ -15,6 +15,7 @@ import io.ktor.client.call.*
 import io.ktor.client.plugins.contentnegotiation.*
 import io.ktor.client.request.*
 import io.ktor.client.statement.*
+import io.ktor.client.utils.EmptyContent.contentType
 import io.ktor.http.*
 import io.ktor.serialization.jackson.*
 import io.ktor.server.testing.*
@@ -30,8 +31,10 @@ import org.junit.jupiter.api.BeforeAll
 import org.junit.jupiter.api.Test
 import java.time.LocalDate
 import java.util.*
+import org.junit.jupiter.params.ParameterizedTest
+import org.junit.jupiter.params.provider.CsvSource
 
-class AfpOffentligServerTest {
+internal class AfpOffentligServerTest {
     companion object {
         private val server = MockOAuth2Server()
 
@@ -62,7 +65,6 @@ class AfpOffentligServerTest {
             val wellnowurl = server.wellKnownUrl("default").toString()
             val jwksuri = server.jwksUrl("default").toString()
 
-
             System.setProperty("MASKINPORTEN_JWKS_URI", jwksuri)
             System.setProperty("MASKINPORTEN_ISSUER", server.issuerUrl("default").toString())
             System.setProperty("MASKINPORTEN_WELL_KNOWN_URL", wellnowurl)
@@ -165,6 +167,79 @@ class AfpOffentligServerTest {
         )
     }
 
+    @Test
+    fun `AFP felles - Ugyldig request gir 400 Bad request`() = testApplication {
+        application {
+            api(
+                Config(),
+                MockProducer(),
+                ApiInternKlient(),
+                tpRegisterKlient(),
+            )
+        }
+
+        val jwt = issueToken("nav:aap:afpprivat.read")
+
+        val response = client.post("/afp/fellesordningen") {
+            header("Authorization", "Bearer ${jwt.serialize()}")
+            header("X-callid", UUID.randomUUID().toString())
+            contentType(ContentType.Application.Json)
+            setBody("""{"personidentifikator":"1234","fraOgMedDato":"2025-01-01","tilOgMedDato":"2024-01-01","saksId":"123"}""")
+        }
+
+        assertEquals(HttpStatusCode.BadRequest, response.status)
+    }
+
+    @Test
+    fun `AFP offentlig - Ugyldig request gir 400 Bad request`() = testApplication {
+        application {
+            api(
+                Config(),
+                MockProducer(),
+                ApiInternKlient(),
+                tpRegisterKlient(),
+            )
+        }
+
+        val jwt = issueToken("nav:aap:afpoffentlig.read")
+
+        val response = client.post("/afp/offentlig") {
+            header("Authorization", "Bearer ${jwt.serialize()}")
+            header("X-callid", UUID.randomUUID().toString())
+            contentType(ContentType.Application.Json)
+            setBody("""{"personidentifikator":"1234","fraOgMedDato":"2025-01-01","tilOgMedDato":"2024-01-01","saksId":"123"}""")
+        }
+
+        assertEquals(HttpStatusCode.BadRequest, response.status)
+    }
+
+    @ParameterizedTest
+    @CsvSource(
+        "/tp-samhandling",
+        "/tp-samhandling-med-utbetalinger",
+    )
+    fun `TP Samhandling - Ugyldig request gir 400 Bad request`(endepunkt: String) = testApplication {
+        application {
+            api(
+                Config(),
+                MockProducer(),
+                ApiInternKlient(),
+                tpRegisterKlient(),
+            )
+        }
+
+        val jwt = issueToken("nav:aap:tpordningen.read")
+
+        val response = client.post(endepunkt) {
+            header("Authorization", "Bearer ${jwt.serialize()}")
+            header("X-callid", UUID.randomUUID().toString())
+            contentType(ContentType.Application.Json)
+            setBody("""{"personidentifikator":"1234","fraOgMedDato":"2025-01-01","tilOgMedDato":"2024-01-01"}""")
+        }
+
+        assertEquals(HttpStatusCode.BadRequest, response.status)
+    }
+
     private fun tpRegisterKlient(ønsketSvar: Boolean? = true) = object : ITpRegisterClient {
         override fun brukerHarTpForholdOgYtelse(
             fnr: String,
